aboutsummaryrefslogtreecommitdiff
path: root/wqflask
diff options
context:
space:
mode:
authorFrederick Muriuki Muriithi2022-10-27 12:20:35 +0300
committerFrederick Muriuki Muriithi2022-10-28 15:57:56 +0300
commit05628e484fb238cea6ac3267be959b2bb0702c61 (patch)
tree9fb701bc4cb8878d5a3f63d49e5f6520cb14783f /wqflask
parent560eb051e127fe4b8b93104200fe55512a72038f (diff)
downloadgenenetwork2-05628e484fb238cea6ac3267be959b2bb0702c61.tar.gz
Refactor: Pass user id to `check_resource_availability`
* Pass the user_id for the current user to the `check_resource_availability` function as an argument, rather than using the global `g.user_session.user_id` value.
Diffstat (limited to 'wqflask')
-rw-r--r--wqflask/base/trait.py5
-rw-r--r--wqflask/tests/unit/utility/test_authentication_tools.py12
-rw-r--r--wqflask/utility/authentication_tools.py9
-rw-r--r--wqflask/wqflask/correlation/show_corr_results.py1
-rw-r--r--wqflask/wqflask/gsearch.py5
-rw-r--r--wqflask/wqflask/search_results.py5
6 files changed, 20 insertions, 17 deletions
diff --git a/wqflask/base/trait.py b/wqflask/base/trait.py
index dcd81085..4352c527 100644
--- a/wqflask/base/trait.py
+++ b/wqflask/base/trait.py
@@ -44,9 +44,10 @@ def create_trait(**kw):
if dataset.type == 'Publish':
permissions = check_resource_availability(
- dataset, kw.get('name'))
+ dataset, g.user_session.user_id, kw.get('name'))
else:
- permissions = check_resource_availability(dataset)
+ permissions = check_resource_availability(
+ dataset, g.user_session.user_id)
if permissions['data'] != "no-access":
diff --git a/wqflask/tests/unit/utility/test_authentication_tools.py b/wqflask/tests/unit/utility/test_authentication_tools.py
index 024ab43f..fb8de292 100644
--- a/wqflask/tests/unit/utility/test_authentication_tools.py
+++ b/wqflask/tests/unit/utility/test_authentication_tools.py
@@ -21,6 +21,8 @@ class TestUser:
"""Mockes user id. Used in Flask.g.user_session.user_id"""
return b"Jane"
+user_id = b"Jane"
+
class TestUserSession:
"""Mock user session"""
@@ -52,7 +54,7 @@ class TestCheckResourceAvailability(unittest.TestCase):
test_dataset = mock.MagicMock()
type(test_dataset).type = mock.PropertyMock(return_value="Test")
add_new_resource_mock.return_value = {"default_mask": 2}
- self.assertEqual(check_resource_availability(test_dataset), 2)
+ self.assertEqual(check_resource_availability(test_dataset, user_id), 2)
@mock.patch('utility.authentication_tools.requests.get')
@mock.patch('utility.authentication_tools.add_new_resource')
@@ -72,7 +74,7 @@ class TestCheckResourceAvailability(unittest.TestCase):
requests_mock.return_value = TestResponse()
test_dataset = mock.MagicMock()
type(test_dataset).type = mock.PropertyMock(return_value="Test")
- self.assertEqual(check_resource_availability(test_dataset),
+ self.assertEqual(check_resource_availability(test_dataset, user_id),
['foo'])
@mock.patch('utility.authentication_tools.webqtlConfig.SUPER_PRIVILEGES',
@@ -95,14 +97,14 @@ class TestCheckResourceAvailability(unittest.TestCase):
requests_mock.return_value = TestResponse()
test_dataset = mock.MagicMock()
type(test_dataset).type = mock.PropertyMock(return_value="Test")
- self.assertEqual(check_resource_availability(test_dataset),
+ self.assertEqual(check_resource_availability(test_dataset, user_id),
"SUPERUSER")
@mock.patch('utility.authentication_tools.webqtlConfig.DEFAULT_PRIVILEGES',
"John Doe")
def test_check_resource_availability_string_dataset(self):
"""Test the resource availability if the dataset is a string"""
- self.assertEqual(check_resource_availability("Test"),
+ self.assertEqual(check_resource_availability("Test", user_id),
"John Doe")
@mock.patch('utility.authentication_tools.webqtlConfig.DEFAULT_PRIVILEGES',
@@ -111,7 +113,7 @@ class TestCheckResourceAvailability(unittest.TestCase):
"""Test the resource availability if the dataset is a string"""
test_dataset = mock.MagicMock()
type(test_dataset).type = mock.PropertyMock(return_value="Temp")
- self.assertEqual(check_resource_availability(test_dataset),
+ self.assertEqual(check_resource_availability(test_dataset, user_id),
"John Doe")
diff --git a/wqflask/utility/authentication_tools.py b/wqflask/utility/authentication_tools.py
index a8c03fe2..7d80b3fb 100644
--- a/wqflask/utility/authentication_tools.py
+++ b/wqflask/utility/authentication_tools.py
@@ -13,7 +13,7 @@ from utility.tools import GN_PROXY_URL
Redis = get_redis_conn()
-def check_resource_availability(dataset, trait_id=None):
+def check_resource_availability(dataset, user_id, trait_id=None):
# At least for now assume temporary entered traits are accessible
if type(dataset) == str or dataset.type == "Temp":
return webqtlConfig.DEFAULT_PRIVILEGES
@@ -33,14 +33,11 @@ def check_resource_availability(dataset, trait_id=None):
# Check if super-user - we should probably come up with some
# way to integrate this into the proxy
- if g.user_session.user_id in Redis.smembers("super_users"):
+ if user_id in Redis.smembers("super_users"):
return webqtlConfig.SUPER_PRIVILEGES
response = None
-
- the_url = GN_PROXY_URL + "available?resource={}&user={}".format(
- resource_id, g.user_session.user_id)
-
+ the_url = f"{GN_PROXY_URL}available?resource={resource_id}&user={user_id}"
try:
response = json.loads(requests.get(the_url).content)
except:
diff --git a/wqflask/wqflask/correlation/show_corr_results.py b/wqflask/wqflask/correlation/show_corr_results.py
index cda34bee..d3e50972 100644
--- a/wqflask/wqflask/correlation/show_corr_results.py
+++ b/wqflask/wqflask/correlation/show_corr_results.py
@@ -29,7 +29,6 @@ from base.webqtlConfig import TMPDIR
from wqflask.correlation.pre_computes import fetch_all_cached_metadata
from wqflask.correlation.pre_computes import cache_new_traits_metadata
-from utility.authentication_tools import check_resource_availability
from utility import hmac
from utility.type_checking import get_float, get_int, get_string
diff --git a/wqflask/wqflask/gsearch.py b/wqflask/wqflask/gsearch.py
index 202d2670..a1b3c5c4 100644
--- a/wqflask/wqflask/gsearch.py
+++ b/wqflask/wqflask/gsearch.py
@@ -4,8 +4,9 @@ from pymonad.maybe import Just, Maybe
from pymonad.tools import curry
import requests
-from gn3.monads import MonadicDict
-from utility.tools import GN3_LOCAL_URL
+from base import webqtlConfig
+from utility.monads import MonadicDict
+from wqflask.database import xapian_database
# KLUDGE: Due to the lack of pagination, we hard-limit the maximum
# number of search results.
diff --git a/wqflask/wqflask/search_results.py b/wqflask/wqflask/search_results.py
index fd2b97d7..5019f156 100644
--- a/wqflask/wqflask/search_results.py
+++ b/wqflask/wqflask/search_results.py
@@ -6,6 +6,8 @@ import re
import json
+from flask import g
+
from base.data_set import create_dataset
from base.webqtlConfig import PUBMEDLINK_URL
from wqflask import parser
@@ -137,7 +139,8 @@ class SearchResultPage:
# Check permissions on a trait-by-trait basis for phenotype traits
trait_dict['name'] = trait_dict['display_name'] = str(result[0])
trait_dict['hmac'] = hmac.data_hmac('{}:{}'.format(trait_dict['name'], trait_dict['dataset']))
- permissions = check_resource_availability(self.dataset, trait_dict['display_name'])
+ permissions = check_resource_availability(
+ self.dataset, g.user_session.user_id, trait_dict['display_name'])
if not any(x in permissions['data'] for x in ["view", "edit"]):
continue